The Bank of Tokyo-Mitsubishi recently notified some employees that their names and Social Security numbers had been erroneously emailed by their vendor AON Hewitt to another client of AON Hewitt. The email error occurred on August 2 and employees were notified on September 3. Although the risk analysis indicated a very low risk of misuse, the bank required AON Hewitt to offer those affected free credit monitoring services for one year.
Overall, good handling and good communication. Read their letter and see what you think.